home

usandosi.exe

MD5:
4f3f8b365e1ba836d724c2ff331dfadc

SHA-1:
5ea1d0f05952922b4d4ef65d87a657bfdfe7e0cb

SHA-256:
3c68744c8f6a9156a2eeb50551e3f32fa12680ee71590676dd97e11951eeb213

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 5:46:16 AM UTC  (today)

File size:
1.8 MB (1,921,435 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\usandosi.exe

File PE Metadata
Compilation timestamp:
5/25/2016 6:38:21 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
2.24

CTPH (ssdeep):
24576:esK+NYvjNiSU+YBh3mWX0SYEG8JsU3Aot+Ec0xMkwd0MzWsRdF:NK+NYvjNo+YBhT0JEed0MzWsRdF

Entry address:
0x1500

Entry point:
48, 83, EC, 28, 48, 8B, 05, 45, B7, 08, 00, C7, 00, 00, 00, 00, 00, E8, 8A, D2, 00, 00, E8, 95, FC, FF, FF, 90, 90, 48, 83, C4, 28, C3, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 48, 89, E5, 48, 83, EC, 30, E8, 43, D2, 00, 00, C7, 45, FC, 00, 00, 00, 00, 48, 8D, 15, B5, 6A, 08, 00, 48, 8B, 0D, 7E, B1, 08, 00, E8, E9, D6, 06, 00, 48, 8D, 45, F8, 48, 89, C2, 48, 8B, 0D, 3B, B1, 08, 00, E8, 06, 9F, 04, 00, EB, 24, 8B, 45, FC, 89, C2, 48, 8B, 0D, 58, B1, 08, 00, E8, B3, BF, 04, 00, 48, 8D, 15...
 
[+]

Entropy:
5.5206

Code size:
450.5 KB (461,312 bytes)

The file usandosi.exe has been seen being distributed by the following URL.

https://doc-04-68-docs.googleusercontent.com/docs/securesc/t8lno7tcsp059570pkhsvpnh0mvs3j2q/3rrno79tvf9r4sa7cjk211pkuhlu7bl3/1465401600000/.../14353993694709500350/0B0i12hQX4pZROFU1YVI3aWxkaU0?h=08716218212842694116&e=download

Scan usandosi.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.